Infrastructure Platforms PTX - Technology Risk & Controls Lead
On-site · London, England, United Kingdom
Job Summary
Technology Risk & Controls Oversight lead within JPMorgan Chase's Infrastructure Platforms PTX program. Provide independent oversight to ensure robust risk management and control effectiveness, partner with PTX operations to establish standards, monitor adherence, and challenge risk decisions. Govern issue management and maintain audit-ready artifacts; oversee reporting and governance of controls and policies; monitor control effectiveness, identify gaps, and recommend enhancements. Integrate PTX control requirements into testing plans and track remediation timelines and issue aging; respond to regulatory and audit inquiries with timely information; develop executive narratives from technical control posture; collaborate with technologists, assessment teams, and data officers to drive shared goals.
Required Qualifications
- Expertise in technology risk management, information security, or related field with risk identification, assessment, and mitigation
- Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements
- Strong knowledge of data security, risk assessment and reporting, control evaluation, and governance
- Ability to influence executive-level decision-making and translate technology insights into business strategies
- Experience governing complex infrastructure platforms or cloud deployments through formal lifecycle approvals
- Hands-on experience with control testing, evidence management, and issue management in a regulated environment
- Understanding of infrastructure security domains including identity and access management, configuration baselines, vulnerability management, network segmentation, and monitoring
- Ability to synthesize technical control posture into concise executive narratives and risk decisions
- Exceptional stakeholder management and facilitation skills across technology, risk, audit, and product teams
- Industry-recognized risk certifications such as CISM, CRISC, or CISSP
- Familiarity with frameworks and regulations such as NIST CSF, ISO 27001, SOX ITGC, FFIEC, OCC Heightened Standards, and PCI DSS
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.